How to apply Digital Signature in a InfoPath formular?

When creating a InfoPath template you can trust with Digital Signature in 2 ways.

When developing an IP template you can add a certificate to your XSN template and publish and apply it on your server. So that every client knows that the formular comes from a trusted location.

The other Certification procedure is a client site created certificate which should be send to the server CA (Certificate Authority). This is very usefully when many e.g. employees travel and work remotely, the forms must be available to be completed and signed in a Web browser or IP CLient form.

1. Deploy a certificate to your XSN template on the Server

In the InfoPath you can create a fully trusted server site form template by signing the XSN with a code signing certificate. Here’s what you do:

While in the InfoPath designer, select Tools | Form Options | Security

Uncheck the “Automatically determine security level based on form’s design”

Select Full Trust

Click the Sign this form button

The first time your users fill out the form that you have signed with a certain certificate, they will see a Security Warning dialog that notifies them that the form template is digitally signed and asks if they trust the publisher. Once they have checked the box to trust the publisher, they will be able to open any form template that asks for full trust and is signed with that same certificate.

If users find that the option to trust the publisher is disabled, that means that the root of the certificate used is not trusted on the user’s machine.

When you received your code-signing certificate, you asked the CA (Certificate Authority) for it. What the CA delivered to you is a certificate that is now in your personal folder that is trusted by you and by anybody who trusts the CA that issued it. So, for example, if you get a code signing certificate from Verisign, any user will have the option to trust you as a publisher as long as they also have Verisign in the list of Trusted Root Certification Authorities on their machine. Once a user has trusted the root of a certificate, the option to trust the publisher will be enabled in the Security Warning dialog that is displayed when they fill out a fully-trusted, signed form.

2. Client site digital signatures

I gonna show in a few steps how to enable digital signatures in an InfoPath form so that users can sign the form in Microsoft Office InfoPath 2007 or in Internet Explorer.

You can enable digital signatures when designing a form so that users can add digital signature when filling it out. This digital signature proves that the form originated from the signer and has not been changed. Also the signature can include some comments from the author. After signing, the data in the form cannot be changed without cancellation digital signature.

When adding a digital signature, the user must use a digital certificate. Digital certificate is an attachment for a file, macro project, or e-mail message that assures authenticity, provides secure encryption, or supplies a verifiable signature. Digital certificates, which you can get through commercial certification authorities or from your internal security administrator, establish the authenticity of the signature.

you need the following things:

A digital certificate CA (Certificate Authority) with which to sign the form. You can obtain from VeriSign. In this case, VeriSign is the certification authority.

Access to a Microsoft Office SharePoint Server site on a server that is running InfoPath Forms Services.

For the user’s certificate to be trusted, the certificate of the certification authority must be installed in the Trusted Root certificate folder on the server. When you use a VeriSign certificate, it is installed with Windows Server 2003. If you are using a different certification authority, install the certificate in the Trusted Root folder on the server.

You can use different Web browsers to open InfoPath forms from a server running InfoPath Forms Services; however, you can only use Internet Explorer to digitally sign InfoPath forms.

InfoPath lets you show digital signature UI (“click here to sign this form”) under a signable section; however, this section doesn’t have to include any controls! This means that you can have your signable section with controls at the top of the form, some extra content in the middle, and then another section bound to the same nodes in the data source without any controls in it.

When you enable digital signatures for an entire form, the form users must enter all the data they require before they sign the form. After the first signature is added, all controls in the form and the form’s XML Document Object Model (DOM) become read-only, and the text [Signed] appears in the title bar. Other users who open the form cannot enter data; they can only add, remove, or verify counter-signatures.

Creating and Signing the Form Template

You will first create a form template that can be signed, and then sign it with a digital certificate in Internet Explorer.

To create a form template that can be signed in Internet Explorer

Start Office InfoPath 2007.

In the Getting Started dialog box, click Design a Form Template.

In the Design a Form Template dialog box, click the Form Template option, and then select Blank.

Check the Enable browser-compatible features only check box, and then click OK.

On the Design Tasks task pane, click the Controls link.

On the Controls task pane, drag a section into the view.This will be the main section for your form.

Drag controls into this section to customize the employee review form.

Right-click the tab at the bottom of the main section labeled Section and select Section Properties.

Fill out the Signing Web page dialog box, and click Sign when you are finished.To enable the I have verified this content before signing check box, you must select the digital certificate that you obtained from the certificate authority.

The signature is now visible on the form.

InfoPath digital signatures are appended to form XML, just like form data. For example, in the form above, nodes under signature1 will store the digital signature when the user adds it:

Note: You can signature a whole form only to InfoPath Client templates. On Webbased forms you have to apply to your created section.

Using this fact, we can enforce business rules in our form: for example, what if we don’t want to allow form submissions for cases when form is not signed? Let’s go to Tools | Submit Options and create two rules:

1) Show must-sign warning:

– condition: signatures2 node is blank (this will evaluate to true when no signature was added)

– action: show a dialog box message “you must sign the form before submitting it”

– check “stop processing rules when this rule finishes”

2) Submit to main data source:

– condition: always applies (unless the first rule fired – we wouldn’t get to this execution point then)

This blog is very informative and very much useful for me, this is an excellent feature in infopath and also it was explained too good by you in this blog.

Since I am new to this, i was recently working on infopath and i am facing a problem and I hope that I could definitely get reply from you and probably an answer too.

Requirement:

In SharePoint I have a list which has “Name” and “Role” as its Fields and I have filled in with some rows with Name and Role. So I am creating a data connection to get those list items (rows) into Infopath’s repeating Table.

Now in Infopath I have to maintain four things, Name, Role, Digital Signature and Four Checkboxes

Digital Signature: I want many people to sign this document.

CheckBoxes: I have four checkboxes which is the Resposibilties A,B,C,D any thing can be checked and unchecked in each of the row’s which indicates that a particular person with name and role can have any of these resposibilities.

Name and Role anyway will be filled from the data connections and I could able to successfully create all the rows that which are present in the Sharepoint list.

HOWEVER — Since the other items are not part of the same data source, I am having the same identical controls in each row of my table. I.e. If I click on one check box and they all are selected. Sign on column, and they all are signed because all are the same control across each row of the table.

For each row I should able to have new digital signature and four checkboxes, is this possible through programming? Please Help me PANVEGA. Thank You In Advance…